GDPR IT Support in Blackpool

WHAT IS GDPR?

GDPR stands for General Data Protection Regulation. GDPR replaces the existing protection that was introduced in 1995 and has been created by the European Parliament, the Council of the European Union and the European Commission to strengthen and unify data protection for all residents of the European Union.

WHEN DOES IT COME INTO EFFECT?

There is only a short time left for organisations to become compliant with the new law that comes into force on 25th May 2018. IT security should be front of mind for businesses of all sizes.

HOW WILL IT AFFECT YOUR BUSINESS?

Whether you deal directly with the public or have an HR department holding personal information on staff members, this will include you. GDPR widens the definition of personal data and includes information such as an online identifier, e.g. an IP address. In broad terms, GDPR will apply to any information that can be used to identify an individual. Personal data itself includes obvious categories (name, identification number, etc.) but also includes location data, physical and physiological information. It includes for the first time characteristics such as genetic, mental, economic or social information, and there is particular sensitivity about what it refers to as special categories: racial, ethnic, political, religious, health, biometric and sexual orientation. Profiling and personal preferences, which demonstrate a person’s conduct and behaviour, are also within the scope of GDPR. For example, the fact that an individual liked a particular tweet or Facebook post would constitute personal data. In reality, hardly any personal data will not fall under GDPR. For some companies, the classification of data already in their possession may be an initial challenge in terms of separating personal data from other information held.

BREXIT AND GDPR

UK organisations handling personal data will still need to comply with the General Data Protection Regulation (GDPR), regardless of Brexit. The GDPR will come into force before the UK leaves the EU, and the government has confirmed that the Regulation will apply, a position that has also been confirmed by the Information Commissioner.

HOW YOU CAN PREPARE AND HOW SENTINEL CAN HELP?

Sentinel have been working closely with IT security professionals to ensure our customers have as much information and are as prepared as possible for GDPR. Although the ICO have no definite rules or guidelines in place, Sentinel have a range of solutions to assist with compliance for GDPR.

Data Backup

GDPR puts an obligation on companies to have an effective, regularly tested Disaster Recovery (DR) solution in place:
Article 32(1)(a)-(d) describes appropriate technical and organizational measures as including:

• The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident

• A process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

Sentinel have the solutions in place to back up your critical data such as servers and Office 365.

Network Security

To be GDPR-compliant and maintain it, you will need to carry out regular audits and deploy network security solutions that will enable you to:

Protect the perimeter – deploy next-generation firewalls to reduce the network’s exposure to cyber threat, mitigate the risk of data leaks that could lead to a data breach resulting in stiff penalties assessed under GDPR, and deliver the forensic insight required to prove compliance and execute appropriate remediation following a breach.

Facilitate secure mobile access – foster the secure flow of covered data while enabling employees to access the corporate applications and data they need in the way they prefer, and with the devices they choose. Enhance data security (while removing access obstructions) by combining identity components, device variables and temporal factors (time, location etc.) to deliver an adaptive, risk-based approach that ensures the right access all the time, every time while concurrently improving data protection and GDPR compliance.

Ensure email security – to fulfil GDPR requirements, achieve full control and visibility over email activity to mitigate the threat of phishing and other email-based attacks on protected information, while enabling the secure and compliant exchange of sensitive and confidential data.

Sentinel have the solutions in place to protect your business from security threats.

Business Class Antivirus

Managed antivirus helps to keep both known and emerging malware off workstations and servers. Our antivirus feature not only stays up to date with the latest threats using traditional signature-based protection, but also protects against new viruses using sophisticated heuristic checks and behavioural scanning.

Sentinel have the solutions in place to deploy antivirus and monitor threats.

Network Monitoring

As part of our first-class support, Sentinel monitor your systems to keep your IT environment healthy.

We can also provide a cloud-to-cloud backup solution to assist with GDPR compliance.

Integrated Access Management (IAM) and Data Breach

Integrated access management (IAM) is a combination of business processes, policies and technologies that allows organizations to provide secure access to confidential data. IAM is one solution, pertaining to access control and governance, which by granting people appropriate access to systems, data and applications can help towards GDPR compliance.

Preventing breaches is by far the best way to ensure compliance. There are of course a number of common technologies and practices that can increase your data protection and enable GDPR compliance: encryption, network and e-mail security, access control and governance.

There are four fundamental principles that make up IAM:

• Authentication – this is what a user does to identify themselves to a system that they are attempting to access

• Authorisation – once a user is identified, what level of access – or permissions – do they have? Which resources should they access and what can they do with that resource?

• Administration – these critical activities (traditionally performed by IT) manage user authentication and authorisation. The more complex an organisation, the more likely that IAM administrative load will require automation

• Audit – GDPR requires organisations to periodically – as well as on-demand – prove that authentication, authorisation and administration are happening in a way that does not place personal data at risk and were not the culprit in the event of a breach.

By working with security professionals, Sentinel can provide a solution to ensure your company's data is safe from unauthorised access and assist towards GDPR compliance.
